fixed auth, added more endpoints and config saving

2025-07-28 18:52:53 +03:00
parent 08d2ebb1b7
commit 2ef27a9137
14 changed files with 409 additions and 115 deletions
--- a/src/api/anon.py
+++ b/src/api/anon.py
@ -0,0 +1,40 @@
+from typing import Annotated
+
+from fastapi import APIRouter, Depends, HTTPException, status
+from psycopg2._psycopg import connection
+
+import db.users as db
+import settings.settings as settings
+from api.utils import get_password_hash
+from db.internal import get_db_connection
+
+anon_router = APIRouter(prefix="/api/anon", tags=["anon"])
+
+
+@anon_router.post("/add/admin")
+async def add_admin(
+    username: str,
+    password: str,
+    conn: Annotated[connection, Depends(get_db_connection)]
+):
+    if not settings.settings.allow_create_admins:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not allowed",
+        )
+    hashed_password = get_password_hash(password)
+    return db.create_user(conn, username, hashed_password, "admin")
+
+@anon_router.post("/add/user")
+async def add_user(
+    username: str,
+    password: str,
+    conn: Annotated[connection, Depends(get_db_connection)]
+):
+    if not settings.settings.allow_create_users:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not allowed",
+        )
+    hashed_password = get_password_hash(password)
+    return db.create_user(conn, username, hashed_password, "user")